Forensic data extraction tool for Android applications

Jonas, Freddie (2016) Forensic data extraction tool for Android applications. BSc dissertation, University of Portsmouth.

[img] PDF
Restricted to Registered users only

Download (12MB)

    Abstract

    As mobile devices overtake conventional computers and laptops as society's primary method of accessing the internet, the current forensic examination tools are being left in the dust. This leaves law enforcement agencies inundated with mobile devices which now require manual examination, wasting valuable police time. This project aims to assist with this workload by researching and developing a generic investigation and extraction tool, targeted at Android applications using SQlite databases. Initially, a literature review was conducted into the existing mobile forensic met hods and their limitations and into the SQlite database engine. The requirements of the project were developed with the Hampshire Constabulary High Tech Crime Unit and are aimed at locating data from messaging applications. The final artefact is a forensic tool which scans through an extracted ADB (Android Debugging Bridge) backup and examines all the SQlite databases that it contains. It locates and classifies possible message data, email addresses, phone numbers and timestamps. A report of its findings is produced for the investigator and suspicious data can also be extracted to CSV files providing instant results. The final product is a tool to help Hampshire Constabulary with their essential work.

    Item Type: Dissertation
    Departments/Research Groups: Faculty of Technology > School of Computing
    Depositing User: Jane Polwin
    Date Deposited: 05 Aug 2016 14:22
    Last Modified: 05 Aug 2016 14:57
    URI: http://eprints.port.ac.uk/id/eprint/21430

    Actions (login required)

    View Item

    Document Downloads

    More statistics for this item...